6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.3%
CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which allows remote authenticated users to upload unspecified files via unknown vectors.
securityreason.com/securityalert/3223
www.securityfocus.com/archive/1/481984/100/0/threaded